[PATCH] [StaticAnalyzer]Handle Destructor call generated by C++ delete expr
Jordan Rose
jordan_rose at apple.com
Wed Sep 4 17:29:23 PDT 2013
Huh, that is pretty simple...nice job! Can you include some additional tests as well?
- Use of `delete[]`, which should at least run the destructor for the first element.
- A type with a destructor declaration but no implementation -- the object members should still be invalidated. (You can test this one by storing a pointer to a local variable and then checking the value of the local variable afterwards with `clang_analyzer_eval`.)
- Deleting a value that's passed as an argument.
- Deleting a value that's `reinterpret_cast`-ed from an intptr_t.
- Deleting the address of a local variable (which should at least not crash even with only the core checkers on).
================
Comment at: include/clang/Analysis/CFG.h:207-210
@@ -206,1 +206,6 @@
+
+ // Get Delete expression which triggered the destructor call.
+ const CXXDeleteExpr *getDeleteExpr() const {
+ return static_cast<CXXDeleteExpr *>(Data2.getPointer());
+ }
----------------
I think you can just make the original accessor `const`.
================
Comment at: lib/StaticAnalyzer/Core/ExprEngine.cpp:574
@@ +573,3 @@
+ const CXXDeleteExpr *DE = Dtor.getDeleteExpr();
+ const Stmt* Arg = cast<Stmt>(DE->getArgument());
+ SVal ArgVal = Pred->getState()->getSVal(Arg, LCtx);
----------------
Nitpick: please attach the `*` to the variable name.
================
Comment at: lib/StaticAnalyzer/Core/ExprEngine.cpp:577
@@ +576,3 @@
+ VisitCXXDestructor(DE->getDestroyedType(),
+ ArgVal.castAs<loc::MemRegionVal>().getRegion(),
+ DE, /*IsBase=*/ false,
----------------
What if the argument value is unknown? Just use `ArgVal.getAsRegion()` here.
http://llvm-reviews.chandlerc.com/D1594
More information about the cfe-commits
mailing list